Thank you so much!

I have a Weller WLC 40w, I did a good bit of reading before I bought it but I might have missed the mark. I got a brass sponge that I stuck in an old metal canister, and some of those crappy plastic unpowered vacuum suckers off Amazon.

I did buy my solder on Amazon, I wonder if that’s been an issue. It’s this: Kester 24-6337-0010 44 Rosin Core Solder 63/37, and I don’t use flux with it.

The solder you have, is it regulated because of lead content? I can go buy a hunk of pure lead without question so it’s weird to me if that’s the case.

Can you post a gear list? I got an iron a while ago and some crappy Amazon sucker tubes but I really think I’m missing some stuff because I’m either missing stuff or using crappy solder. I like to try and just take components off boards for practice but even that is a huge struggle. I’ve fixed a couple things but it’s rough work for sure.

I know it’s probably a skill issue, but I think some other tools might make certain things a bit easier as well, but without someone I know to ask questions I don’t want to just buy some random stuff.

First of all, get a sleep study done. Sleep paralysis can be a sign of underlying sleeping disorders such as apnea, which is incredibly unhealthy if untreated.

If you study checks out clean and you’re still looking for a way to manipulate something with your fingers then the only thing I can think of that you’d be able to DIY is some kind of Arduino-type button thingamajig that you could strap to a finger that sends a wireless signal to some kind of alarm in the room.

A D1 mini is small, cheap, and easy to configure. If you have no idea what I’m talking about you’ll need to do some homework and learn some stuff, but as far as projects go it’s pretty simple to set up. Hardest part would likely be rigging something that you could use that doesn’t get triggered inadvertently. Cockpit style toggle switch with a cover, maybe? Lol.

There’s a few ways to “detect” VPN traffic, and you’re missing some but port blocking is one of them. Rerouting over 443 is a possible workaround, but depending on the network architecture they can still detect VPN traffic using deep packet inspection.

Blocking ports is a very simple mechanism to prevent things and it doesn’t take long for a business to grow into IT management that involves more sophisticated methods like DPI.

VPN protocols have distinguishable packet headers/metadata/handshakes/etc. DPI can easily identify and block those, or any other known protocols, if they have it configured to do so.

Server equipment is not on any normal burglar’s list of items to nab. It’s such a low risk I think it’s completely not worth worrying about.

It’s incredibly unlikely they’ll know what they’re looking at in the first place, and won’t be assed to carry out heavy switches and PC gear “just in case” to look it up later. They want to get in, check rooms and closets, drawers, etc and GTFO before you come home or a neighbor notices. Computers aren’t as expensive as they used to be. Gaming laptops might look attractive, but other than that you’re fine.

They want jewelry, cash, guns, good tools, silver, modern game consoles, expensive bicycles, etc. These are all things that are easy to carry and pawn or sell well on the street. Nobody is selling switch gear at a pawn shop or to random people, so even if they know the value of what they’re looking at (extremely unlikely) they’ll leave it because it’s too hard to fence.

If you’re that worried about theft then set up good full disk encryption and have off-site backups of your data (should do that anyways) but you don’t need to worry about physical security at home, at least not specifically in regards to your home lab.

Businesses are at much higher risk for hardware theft, from employees or from others that are targeting the locations specifically because they DO understand the value and have a way to offload the gear, but those same people won’t be randomly breaking into people’s houses hoping they’ve got Cisco gear in a closet somewhere.

I’d recommend using unifi/ubiquiti switches. They’re a bit pricey but they’re incredibly solid and you can manage them with a self hosted container of unifi controller software.

A good place to start is one of their 8port POE switches. I have a couple and they’re L3 switches (so you can do VLAN stuff like you want), and I’ve never ever had a problem with any of them. Even with the inexpensive ones their POE budget is pretty good, and great to power other switches or APs. They don’t power some cameras so you might need injectors for some thirsty gear.

The controller software is pretty good, and will let you manage the switches without getting into command line config at first (which can be a crutch so be cautious of that, especially if you want to branch out into other cheaper switches or take advantage of good 2nd hand gear deals you find).

But for your network I think an 8 port and a WAP are a good place to start. Get away from using your combo router as your wireless AP (or use both) and get some VLANs set up, and work on inter-VLAN routing and firewall rules.

How do you want to segment your network?

I recommend you have the following to start:

-management VLAN

-trusted devices

-guest/IoT devices

Just getting those three set up correctly will teach you a lot and let you environment. Firewall/routing rules to allow connections through in certain directions and not others is… fun to get the hang of if you’re new.

What are you planning on using as your router? Your combo router might tie your hands if that’s what you plan to use for everything. Combo routers generally suck at everything. You can get a cheap router also, edgerouter er-x is a fine choice but it’s not the best, but it’ll still outdo whatever you currently have, I’m sure. Put it behind your modem at your network edge and you can manage your vlan routing and your firewall on one device.

Additionally you can set up a VPN server on one of your PCs and set up static routes to allow you to tunnel in and access your network when you’re out (wireguard for the win).

Good luck on your journey! There’s a lot to learn so don’t get frustrated then your stuff doesn’t work. Back up your configs so you can revert back and be REALLY careful because it’s easy enough to make your stuff insecure by trying to make stuff work. Yeah it’ll function but next thing you know you’ve got a ransomware virus on your entire network… Not fun, I hear.

As you set up your VLANs look into VLAN traversal, it’s a means of network attack that allows attackers to cross over from one VLAN to another when you set up trunk/switch ports and VLAN tagging incorrectly. Again, your stuff will work but it’ll be vulnerable (not really a problem at home as long as your firewall works fine but still).

Edit: you can go with a router with several ports but I’d recommend you shy away from that if you have the money for dedicated devices. Routers are better at routing (L3) and switches are better at switching (L2). Their guts are built for different things and your network will be much faster if you use them for their intended purpose.

There was this asshole teacher, one of his students stole his car and crashed it through a set of double doors into the building. Destroyed the entire entryway and both sets of heavy duty doors.

Epic, man. Everyone hated that teacher and he had bought one of the new VW bugs when they first started making the new ones and he thought it was just so cool.

I disagree with you about the degree, actually. A degree in compsci is a baseline in the tech industry, like certs. Not really on the security side, more on development. It depends on what they want to do and where they’re willing to move to, luck, etc for them to be successful. Overall bachelor’s degrees have gotten less valuable in general and compsci is not what it used to be, but it’s still a good foundation. Pair it with some CompTIA or CCNA certs and they’re off to the races if they want to be versatile, or they can go deeper into some code/architecture based stuff if they want to stay in development.

The domain of AI isn’t cybersecurity, it’s data collection and data analysis. AI in its current form is laid on the foundation of massive quantities of data. Collecting, sorting, and cataloguing all of that in useful/indexable ways is the cornerstone of machine learning (AI).

It’s hard to say where AI is going to take us in the next 10 years, but if your kids stay AI literate they should be pretty good. I hate Google but they have some of the best AI training on the market right now, so as much as I hate to recommend them as a source I have to be pragmatic and mention it if you’re going to recommend something to your kids for their success.

I don’t really agree with your assessment of where AI currently is at. It sounds like you’re probably underestimating the current capabilities. The problem right now is we don’t know how to control it, not that it’s not capable enough. On top of that the pace of acceleration is insane so even if you’re on the mark and I’m not, the field will have shifted so far in 2-3 years that your position will no longer be correct and mine will be then. But, I do agree that cybersecurity isn’t really “the next domain” of AI, even if it’s integral to it like it is with all computer stuff.

I don’t think they’d go wrong getting into security, it’s not going anywhere any time soon. If anything it’s going to continually grow with technical advancements and expansion of application.

I think everything you learn will for the most part apply everywhere, there’s just no singular definitive source for everything. It’s like saying you want to learn politics, or you want to learn construction, or you want to learn math. The field is so wide that you can’t just get a single book about everything.

You definitely can specialize in sub fields though. My favorite areas are network architecture/security and social engineering. My primary skills lie in disaster planning and recovery though, because I migrated from a different industry where I applied pretty much the exact same thought methodology.

You can find plenty of free sec+ study materials to get you started. It is basic, yes, but real cyber security comes from understanding systems, protocols, and best practices and honestly I’m not sure there’s a good book that can give you that. I could be wrong, we’ll see other posts if they show up, but starting with sec+ material and then reading deeper on things would be my recommendation.

Understanding active directory, Linux permissions and file structure, VPNs, firewalls, different security appliances, hashing, crypto methods/algorithms, handshakes, transmission protocols, VMs, cloud architectures, backup strategies, social engineering, etc - it all plays a part. You could find a number of books and resources about any of those things.

Certs like LPI Linux essentials is pretty good if you’re unfamiliar with Linux basics, that’s another one to look into where you can find free study material.

I guess what I’m saying is that cyber security is REALLY complicated and will always be tailored to the threats, the assets you’re trying to protect, available budget, and systems used. It’s why certs are the industry standard of recognition, because there’s really not a good way to gauge competency unless you’re assessed by another competent person in the field. And you may be AWESOME with an active directory setup but be lost in Linux, or need to work with embedded systems, but be weak in other areas because you’ve never worked with it, so certs kind of level the field so you can be at least aware of stuff if you’ve never worked with it.

I would not consider myself an expert in the field but this is my perspective. You can learn for the next 10 years for free and by just experimenting on old hardware and with VMs and a robust LAN.

The cyber landscape is so, so complex. There’s an endless number of options and potential vulnerabilities. Defense in depth can’t really be taught from a single book, but by identifying areas you’d like to learn more about can take you as far down the rabbit hole as you like.

As long as you vote for someone I don’t care whether you choose the candidate that I would vote for. There’s no wasted votes, I’ve voted 3rd party when the major candidates aren’t someone I can vote for in good conscience.

If you abstain on “principle” because there isn’t a politician that perfectly aligns with your values then yeah, you’re just dumb and you’re part of the problem.

About 60% of the country votes in the general election, much less in the primaries, and much, much less in local elections. People that don’t vote because they can’t be assed suck, but the ones that sit on a high horse and scoff at the system that they play a huge hand in perpetuating through some misguided moral high ground are literally the worst.

Bruh what do you think political parties are?

Unions, national alliances, society… It’s all people compromising on their individual values.

Good for you for letting perfect be the enemy of good, bet you feel so vindicated as the world burns down around you.

Well I never, daggone real looking wood duck right there

The Hook Up YouTube channel has a ton of awesome non sponsored reviews of tech that you might be interested in. Projectors, sound equipment, etc. I’ve honestly never seen better consumer review content.

https://www.youtube.com/channel/UC2gyzKcHbYfqoXA5xbyGXtQ

Personally I don’t care for home theater so often I skip videos about projectors, but there’s a ton of stuff there that might help you make some decisions - at the very least you’ll walk away better educated about what makes a quality piece of kit.

BJJ is one of the most “useful” when it comes to actually fighting (along with boxing).

Karate and TKD are more of an art/discipline. A well trained karate fighter will very likely outmove an untrained assailant, but someone moderately trained in BJJ will likely be able to subdue/get away from a very well karate or TKD fighter.

Honestly, BJJ is an amazing skill to have in a pinch, and it trains you in grappling with opponents that have a size/weight disparity.

Not all gyms/dojos use belts, even in BJJ. BJJ belts follow a pretty good progression based on skill, whereas karate (can’t say for TKD, never trained in it personally) often relies on performance of kata in order to progress to the next belt. Kata is choreographed movements, it’s more like a dance that you practice than an actual measure of ability to spar/fight.

If OP wants to get their kid into a fighting sport that’s fun and relatively safe, they can pick any discipline. If they want the added bonus of their kid being much better equipped to defend themself from a real aggressor they would do best getting them into BJJ, boxing, and then wrestling once they’re in middle/high school.

I would personally avoid boxing for my own kids due to the repeated head trauma and risk of fractures, but it’s the best real world striking training you’ll get, at least in the USA. BJJ and wrestling help you immensely once you’re on the ground, which is where 90% of street fights go within the first couple seconds, but a real, dangerous, fight is often over before it starts and countering a sucker punch or landing a decisive one yourself before the opponent can react is often the most important thing.

One of the downsides of BJJ is that it’s culturally tied to MMA in the USA now, which means that if OPs kid does BJJ for a while in their youth they’ll be more inclined to get into MMA in early adulthood, which is not something I would want for my children. But it’s a great skill regardless.

Not trying to go down a rabbit hole, nor invade your teen’s privacy, but have you done any kind of packet inspection on what’s going out/in? Teens can surprise you with the kind of stuff they’re up to sometimes.

I’m not sure why your resolver started acting up but what you’re describing doesn’t sound like normal cause/effect. Four people on a residential connection, even if you throw in a ton of electronic devices and iot/crap that calls home constantly shouldn’t cause any kind of ISP engagement.

Not like it really matters, for 99.9% of people having a forwarder is easy and just fine and there isn’t good reason to troubleshoot it if there’s a working solution. I’m pretty privacy conscious and I don’t even think having my own forwarder is worth the hassle, I am just choosy about my upstream.

My theory at this point is that it’s the equivalent of an audio editing meme. I think they just want to see how often they can get it into a final cut, for the lulz.

If pi hole is configured to use another DNS it will still forward your request, just not to your ISP DNS server. Essentially you’re providing your DNS requests to a 3rd party, for a slight boost to performance (because they’ll have tons of stuff cached and can do recursive queries faster if you’re requesting a site not in their cache.) Your web pages will load faster because you don’t have an SBC trying to manually figure out what’s the IP for bigfuckdaddyhairbrushemporium.net

The downside is you’re exposing your DNS queries to a 3rd party and it’s a bit of a privacy hit, as the upstream DNS server you select has your public IP correlated with your DNS requests. Doesn’t really matter to most, but it does for some.

Even if your ISP did have something in place to try and prevent abuse I find it unlikely it would trigger over normal traffic. Do you have a huge network/many hosts/exposed services?

I appreciate your reply but I haven’t had the time to go through your links. I just wanted to mention that I appreciate it and I’ll reply in another comment when I get the chance to respond!